Sciweavers

APSCC
2008
IEEE

A Service-Oriented Framework for Quantitative Security Analysis of Software Architectures

Software systems today often run in malicious environments in which attacks or intrusions are quite common. This situation has brought security concerns into the development of software systems. Generally, software services are expected not only to satisfy functional requirements but also to be resistant to malicious attacks. Software attackability is defined as the likelihood that an attack on a software system will succeed. In this paper, we present a service-oriented framework to analyze the attackability of software systems. More specifically, we propose a User System Interaction Effect (USIE) model that can be used systematically to derive and analyze security concerns from service-oriented software architectures. Many aspects of the model derivation and analysis can be automated, which limits the amount of user involvement and thereby reduces the subjectivity underlying the typical security risk analysis process. The model can be used as a foundation for quantitative analysis of software...
Yanguo Liu, Issa Traoré, Alexander M. Hoole
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where APSCC
Authors Yanguo Liu, Issa Traoré, Alexander M. Hoole